peterz (OP)
Newbie
 Offline
Activity: 28
Merit: 0
|
 |
April 11, 2013, 10:15:55 PM |
|
I apologize if it was suggested before, but I couldn't find it in the forum.
The problem:
What I see the main problem with bitcoin wallets (online or private) is that if somebody hacks into it, it can transfer all your bitcoins immediatelly and the transaction is irreversible.
The solution:
Suggesting to have two kinds of wallets:
1) Wallet for daily usage, which would allow the immediate transactions like the current wallets do. The users would typically use those with small amount of bitcoins needed for everyday use, similar like your real wallet having just small amount of cash.
2) Wallet for storing, which would not allow immediate transactions. Those transactions would be scheduled, and would execute only after certain time interval (let's say 24h or 48h).
Such pending transaction would be cancellable at any time during that interval. This feature would prevent the attacker to steal your bitcoins quickly. Using appropriate notifications for scheduling the transactions, the rightful owner would be able to cancel maliciously planned transactions.
What do you think?
Thanks,
-P
|
|
|
|
|
|
|
|
|
|
"You Asked For Change, We Gave You Coins" -- casascius
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
DarkPunk
Member
Offline
Activity: 182
Merit: 10
|
|
April 12, 2013, 12:38:48 AM |
|
Why? Just don't be stupid with your Private Keys.
P.S. This topic probably belongs under "Bitcoin Discussion", not "Project Development"
|
|
|
|
|
peterz (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 12, 2013, 06:45:07 AM |
|
I am sorry, it is not a question of being stupid.
The issue is that a regular user doesn't have any clue about cryptography, public/private keys etc. However each of them would understand to cancel transaction which didn't originate from them, providing they'd have the chance.
It's about making adoption of Bitcoin easy for everybody.
If the adoption will require too much of knowledge especially about security, as it does now, then the wide spread adoption won't happen.
|
|
|
|
|
DarkPunk
Member
Offline
Activity: 182
Merit: 10
|
|
April 12, 2013, 06:49:11 AM |
|
I am sorry, it is not a question of being stupid.
The issue is that a regular user doesn't have any clue about cryptography, public/private keys etc. However each of them would understand to cancel transaction which didn't originate from them, providing they'd have the chance.
It's about making adoption of Bitcoin easy for everybody.
If the adoption will require too much of knowledge especially about security, as it does now, then the wide spread adoption won't happen.
Bitcoin is a crypto currency. It's entire purpose is to be a secure, non-refundable, system of monetary exchange. If you want a payment processor that offers cancellations (PayPal for BTC), then that is what you will need to find, start, or contribute towards, but bitcoin isn't intended to be cancel-able, for a reason. |
|
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 12, 2013, 07:06:25 AM |
|
Its just a physical property of reality. You can only know something unless you or someone else discovers it, if you discover your Bitcoin address and don't tell anyone know body else can gain access to your money.
In other words nobody can solve stupidity, you either risk fraud by online/public/private wallet or you risk your own stupidity you can't have both....
|
|
|
|
|
|
thatbluedude
|
|
April 12, 2013, 07:31:54 AM |
|
Bitcoin is a crypto currency. It's entire purpose is to be a secure, non-refundable, system of monetary exchange. If you want a payment processor that offers cancellations (PayPal for BTC), then that is what you will need to find, start, or contribute towards, but bitcoin isn't intended to be cancel-able, for a reason.
I don't think has asks for bitcoin transfers to be refundable, as the transfers wouln't hit the blockchain until the delay was over(as I understand it). this function may be usefull in some cases, but has imo no urgency. perhaps as a nice to have feature in bitcoind v4.x |
|
|
|
|
odolvlobo
Legendary
Offline
Activity: 4312
Merit: 3214
|
|
April 12, 2013, 07:42:02 AM
Last edit: April 12, 2013, 03:44:31 PM by odolvlobo |
|
I apologize if it was suggested before, but I couldn't find it in the forum.
The problem:
What I see the main problem with bitcoin wallets (online or private) is that if somebody hacks into it, it can transfer all your bitcoins immediatelly and the transaction is irreversible.
The solution:
Suggesting to have two kinds of wallets:
1) Wallet for daily usage, which would allow the immediate transactions like the current wallets do. The users would typically use those with small amount of bitcoins needed for everyday use, similar like your real wallet having just small amount of cash.
2) Wallet for storing, which would not allow immediate transactions. Those transactions would be scheduled, and would execute only after certain time interval (let's say 24h or 48h).
Such pending transaction would be cancellable at any time during that interval. This feature would prevent the attacker to steal your bitcoins quickly. Using appropriate notifications for scheduling the transactions, the rightful owner would be able to cancel maliciously planned transactions.
You can transfer bitcoins to an offline or paper wallet. That money can't be spent until it is transferred back. Nobody can do that except you because it is offline. There are wallets (such as Armory) that support offline wallets. Bitcoin transactions cannot be cancelled. That is a fundamental property of Bitcoin. Encrypting your wallet is simple and provides basic protection that is sufficient for most people. Unfortunately, many people don't encrypt their wallets, and so some of them get ripped off. Nobody should use a wallet that is not both encrypted and backed up. |
Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 12, 2013, 08:36:31 AM |
|
Rereading it again, it just seems like all one would have to do is just make a "timed" rawtx be sent out (which could be cancelled) . ALl you would have to do now is push one of the Bitcoin GUI devs to add that in, nothing needs to be done to the Bitcoin network or protocal logic it self at all.
|
|
|
|
|
|
someguy123
|
|
April 12, 2013, 09:44:15 AM |
|
Rereading it again, it just seems like all one would have to do is just make a "timed" rawtx be sent out (which could be cancelled) . ALl you would have to do now is push one of the Bitcoin GUI devs to add that in, nothing needs to be done to the Bitcoin network or protocal logic it self at all.
That could also just be easily scripted, I mean people could always buy a rasp pi and stick this "timed offline wallet" script on it. There's also the issue of... if the "hacker" can send that transaction, can't they also cancel your transactions? |
|
|
|
DarkPunk
Member
Offline
Activity: 182
Merit: 10
|
|
April 12, 2013, 06:28:48 PM
Last edit: April 19, 2013, 02:56:02 AM by Maged |
|
Rereading it again, it just seems like all one would have to do is just make a "timed" rawtx be sent out (which could be cancelled) . ALl you would have to do now is push one of the Bitcoin GUI devs to add that in, nothing needs to be done to the Bitcoin network or protocal logic it self at all.
That could also just be easily scripted, I mean people could always buy a rasp pi and stick this "timed offline wallet" script on it. There's also the issue of... if the "hacker" can send that transaction, can't they also cancel your transactions? This doesn't work. In the scenario OP describes, the hacker steals the private key, he doesn't send them from the client the OP is using. All the hacker would have to do is use a different client. (I would have just have generated the rawtx and sent it manually). The only way to add a way to universally cancel transactions is to change how the chain processes transactions. |
|
|
|
|
peterz (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 12, 2013, 06:36:01 PM |
|
Rereading it again, it just seems like all one would have to do is just make a "timed" rawtx be sent out (which could be cancelled) . ALl you would have to do now is push one of the Bitcoin GUI devs to add that in, nothing needs to be done to the Bitcoin network or protocal logic it self at all. Yes, exactly I didn't want to change how the Bitcoin protocol, just would like to have such feature in the existing (or new) business, similar to 2 step verification feature. |
|
|
|
|
peterz (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 12, 2013, 06:39:20 PM |
|
<That could also just be easily scripted, I mean people could always buy a rasp pi and stick this "timed offline wallet" script on it.
There's also the issue of... if the "hacker" can send that transaction, can't they also cancel your transactions?>
Sure of course, but the hacker can't steal anything by cancellation of the transaction. It would be an annoyance for you but you would retain your money, which should be a huge difference for you.
In sum the feature would prevent (or make it much harder) the stealing.
|
|
|
|
|
peterz (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 12, 2013, 06:41:23 PM |
|
This doesn't work. In the scenario OP describes, the hacker steals the private key, he doesn't send them from the client the OP is using. All the hacker would have to do is use a different client. (I would have just have generated the rawtx and sent it manually).
The only way to add a way to universally cancel transactions is to change how the chain processes transactions.
Are you saying that in order to have such feature, it requires a change in the Bitcoin protocol? |
|
|
|
|
Sukrim
Legendary
Offline
Activity: 2618
Merit: 1006
|
|
April 12, 2013, 06:46:07 PM |
|
Not publishing transactions for X hours/minutes or setting an execution time in the future that would allow to cancel the transaction would help against "fat finger" errors. It wouldn't help against someone holding a private key without changes in the way transactions work - once someone has a private key, this person can do whatever they want with the coins that are associated with it.
You can arbitrarily limit yourself but not a determined attacker.
|
|
|
|
Xenland
Legendary
Offline
Activity: 980
Merit: 1003
I'm not just any shaman, I'm a Sha256man
|
|
April 15, 2013, 08:28:06 PM |
|
Not publishing transactions for X hours/minutes or setting an execution time in the future that would allow to cancel the transaction would help against "fat finger" errors. It wouldn't help against someone holding a private key without changes in the way transactions work - once someone has a private key, this person can do whatever they want with the coins that are associated with it.
You can arbitrarily limit yourself but not a determined attacker.
Greats valid points! The best bet would be not to hold any bitcoins on the wallet and just hold the "rawtx" signed data on the wallet that are awaiting to be sent. |
|
|
|
|
peterz (OP)
Newbie
Offline
Activity: 28
Merit: 0
|
|
April 19, 2013, 12:04:17 AM |
|
Guys, thanks for your responses.
It means that my suggestion wouldn't fly, especially due to following scenario:
1) Attacker gets the private key, and starts a transaction;
2) I am notified and cancel the attaker's transaction;
3) Then I try to start my transaction to move the bitcoins to safer place;
4) However the attacker cancels my transaction as well;
5) Then all repeats...
I realized the delaying of the transaction doesn't really help. We need something else. Something which is more like a "vault" then just a "wallet".
I think I have another idea, but I'll start another thread on that.
Thanks!
|
|
|
|
|
|
